diff --git a/.oebuild/manifest.yaml b/.oebuild/manifest.yaml index f1bb108a15aee8da60529f71c8da8f9fa7ee479d..a6895a704cfeadabf0e0e13cac9bf8e8981b0b22 100644 --- a/.oebuild/manifest.yaml +++ b/.oebuild/manifest.yaml @@ -44,7 +44,7 @@ manifest_list: version: d2ed4dad8b628d9355ceababb419b42c4b6d1866 abseil-cpp: remote_url: https://gitee.com/src-openeuler/abseil-cpp.git - version: ca9a18e96d10fb85a395191f31421e590ddbe39e + version: 18fc01e3d13bb45ebcee1f62b11ec8ec038ebb95 ackermann_msgs: remote_url: https://gitee.com/src-openeuler/ackermann_msgs.git version: ada460ea14a8ddfb5de825cc398c09b252c737b8 @@ -101,7 +101,7 @@ manifest_list: version: e5c71c776801c30771337ea5f42a6ebd5b959630 audit: remote_url: https://gitee.com/src-openeuler/audit.git - version: aaadf2aac197e2496cbdf21517e25dd8049cc20b + version: 8ae481d2fad9c7ecba2f74b0f8a7f8f7afaead7c autoconf: remote_url: https://gitee.com/src-openeuler/autoconf.git version: 484a68397339b8652121bf868874f8ad198d3739 @@ -122,7 +122,7 @@ manifest_list: version: 9db7a29bc7a044e26e25b918a73a3016d323be02 bash: remote_url: https://gitee.com/src-openeuler/bash.git - version: 745fdeb42e3832fdcf7a4acb97719d71d577c29e + version: fdb6c6f4fd5d68b9a109f5240edcbc1f6102db4b bash-completion: remote_url: https://gitee.com/src-openeuler/bash-completion.git version: 96c4b4bf85c67c72902094911e7a1a27881c718b @@ -137,7 +137,7 @@ manifest_list: version: 207a16a4466b1c48a0023fc4d8d9eecd297ce805 blktrace: remote_url: https://gitee.com/src-openeuler/blktrace.git - version: f7ec98be076dc523eeb4f61a3f95761581c321d0 + version: 371095b1e6a246f8ef8f365ba8c35046a5732b17 bluez: remote_url: https://gitee.com/src-openeuler/bluez.git version: 6bdfbaa3e816b528da3c210954c655bbf1107551 @@ -254,13 +254,13 @@ manifest_list: version: ed6951fd3877c6cac7f1237311f7278ac21634f3 coreutils: remote_url: https://gitee.com/src-openeuler/coreutils.git - version: bbdd3ae330b860cd4651803cb98d555af9b0b626 + version: 25d4144034cdf102b09a4ebdbb776126293e4de1 cpio: remote_url: https://gitee.com/src-openeuler/cpio.git version: 1bc7aba047c36abb53c5e0961384708c4f8cd4fa cppzmq: remote_url: https://gitee.com/src-openeuler/cppzmq.git - version: 3c5bae90f0ad5bae213356898146fdc4751f83ed + version: 9b40090d897be726ba77998396844f669b169c3c cracklib: remote_url: https://gitee.com/src-openeuler/cracklib.git version: 455f917dd1ace72a46c339715013ad5f4d7909e5 @@ -269,7 +269,7 @@ manifest_list: version: 62eca99a77b97288d2c39d771df6f76bceaf9335 cri-tools: remote_url: https://gitee.com/src-openeuler/cri-tools.git - version: 2f1263c9e02bdd4287d3062f8b16f67bfbb35e4d + version: b5ef5ac8c512ab04b83c701bff502caf6f737be1 cronie: remote_url: https://gitee.com/src-openeuler/cronie.git version: 840de45f563e75c1c945789eb79cab360c01c807 @@ -317,7 +317,7 @@ manifest_list: version: b37c8e53bfd636e803fd03d750c723626a6d4fb3 dnf: remote_url: https://gitee.com/src-openeuler/dnf.git - version: 58a40d649acc08882a9b0974ce582c2148e1d420 + version: ba58839de09b157f9c51cca8607bccdd6686e917 docbook-dtds: remote_url: https://gitee.com/src-openeuler/docbook-dtds.git version: 1d6138ed1971899ed8e63bc80f34bd70778b0d43 @@ -356,7 +356,7 @@ manifest_list: version: 110f9252640b50adf49d2e8825d13905782151e5 elfutils: remote_url: https://gitee.com/src-openeuler/elfutils.git - version: 4682e18c66b686e66599cf5a3e0f33e58b2209db + version: 26e388b1240421be84bf50f6eab0603ee032ca6d embedded-ipc: remote_url: https://gitee.com/openeuler/embedded-ipc.git version: 1e05e78e3d82fb2ef39e08a9e6fb3ca1cd918fcc @@ -368,7 +368,7 @@ manifest_list: version: d117d0caba507895d0a8be5ade71f1b43fa470cb ethtool: remote_url: https://gitee.com/src-openeuler/ethtool.git - version: 1df020430a8a354dd4a7f95dbb3c355b58268a93 + version: b58198eb6135c58968658589370eb7e0297e4019 eulercar: remote_url: https://gitee.com/HiEuler/eulercar.git version: f2082f092f934004c589a5ca97814f85f831ee98 @@ -380,7 +380,7 @@ manifest_list: version: 440bb2d5a42cb5287310bb1abeced370bb46cb52 expat: remote_url: https://gitee.com/src-openeuler/expat.git - version: bc9921d24c5828e143079bf1827754d8405c3d98 + version: 10fbdcee0e88324498d0a999f2b519c3a7070a3d expect: remote_url: https://gitee.com/src-openeuler/expect.git version: ccfedc2f07c598f74668b8a41163657bc97fbb40 @@ -395,7 +395,7 @@ manifest_list: version: 65cbd809d32906c17c55ece3591be60e8c878735 file: remote_url: https://gitee.com/src-openeuler/file.git - version: 438915eda3a73438efdaadceee8aa6bf8fe84f76 + version: 418949720ba4c46de85d4b0ab3959316b4647564 findutils: remote_url: https://gitee.com/src-openeuler/findutils.git version: 67a6e3bc8505206cd379cd625cf7224faf75ed1d @@ -494,7 +494,7 @@ manifest_list: version: 8e100984ef99db540e6114049b71e43539c4ec52 gnutls: remote_url: https://gitee.com/src-openeuler/gnutls.git - version: 133781f2d2d25c627588de0ecf3ec494709171b0 + version: 83e0afa5146ff5497b2c0857fa5432bb02117896 gobject-introspection: remote_url: https://gitee.com/src-openeuler/gobject-introspection.git version: f5f15680edc6b3edf75e2fe64a9cf40874d13327 @@ -506,7 +506,7 @@ manifest_list: version: e799fea4206121bc1d670c028e370b7eeee503c6 gpgme: remote_url: https://gitee.com/src-openeuler/gpgme.git - version: 241c34c13fc6e292cf6c13a8eefa7a8506b2b7cd + version: 0e1b3e8c528729ee8611c5995ae1e868e51b3ae3 gphoto2: remote_url: https://gitee.com/src-openeuler/gphoto2.git version: 384baf1bbaf3257f39445d6ae0179b1acfe7b68a @@ -524,16 +524,16 @@ manifest_list: version: eb28d24a82bb8e4fd2b8f86abdbc271cc13757f6 grub2: remote_url: https://gitee.com/src-openeuler/grub2.git - version: e2d60fd7cd0bbc5932e8da5a43a0dfa4c2231842 + version: 9e40d69ddcd4d73c4dd8295c25746d933bd5530a gsettings-desktop-schemas: remote_url: https://gitee.com/src-openeuler/gsettings-desktop-schemas.git version: 18864c8de8bb05085ea26ce0e182c9ef0b5c11cb gstreamer1: remote_url: https://gitee.com/src-openeuler/gstreamer1.git - version: 32f35eee65c402a8b206e7716f5a50ee6fd7a1b3 + version: 428aedbdd5d9c360f174bf95e79949f65cd43ff7 gstreamer1-plugins-base: remote_url: https://gitee.com/src-openeuler/gstreamer1-plugins-base.git - version: b0b81a3c0f0b20080937856faca561b57c29017a + version: a905ec30c0e567ba14c0fef699bd261e9381e08c gstreamer1.0-plugins-bad: remote_url: https://gitee.com/src-openeuler/gstreamer1-plugins-bad-free.git version: 968e951ab23be576485605038b74c174fcb711cf @@ -554,7 +554,7 @@ manifest_list: version: 3af3feaa00e037b10b4b3c7138973834c6a29411 harfbuzz: remote_url: https://gitee.com/src-openeuler/harfbuzz.git - version: 54f90bf4e76e8747aeb859181e73f7c302b7f8c9 + version: c18a24d19cac9af18d237ddb84d71fbeba419685 haveged: remote_url: https://gitee.com/src-openeuler/haveged.git version: 5cf2273c199e87a0db71c4a6d76b4d79773fce09 diff --git a/meta-openeuler/dynamic-layers/openembedded-layer/recipes-connectivity/zeromq/cppzmq_%.bbappend b/meta-openeuler/dynamic-layers/openembedded-layer/recipes-connectivity/zeromq/cppzmq_%.bbappend index 1722a6eb083b1b06e004444ca41a5749b68800bf..3a99ae41f605ec485a65c2416f6ed423bd85ec89 100644 --- a/meta-openeuler/dynamic-layers/openembedded-layer/recipes-connectivity/zeromq/cppzmq_%.bbappend +++ b/meta-openeuler/dynamic-layers/openembedded-layer/recipes-connectivity/zeromq/cppzmq_%.bbappend @@ -1,5 +1,5 @@ # main bbfile: yocto-meta-openembedded/meta-oe/recipes-connectivity/zeromq/cppzmq_git.bb -PV = "4.9.0" +PV = "4.10.0" SRC_URI:prepend = " \ file://v${PV}.tar.gz \ " diff --git a/meta-openeuler/dynamic-layers/openembedded-layer/recipes-devtools/abseil-cpp/abseil-cpp_%.bbappend b/meta-openeuler/dynamic-layers/openembedded-layer/recipes-devtools/abseil-cpp/abseil-cpp_%.bbappend index d774c57e57e0056781725410862d81a8db6398a9..665eb0a295f0983947a9e9845b385122825ad239 100644 --- a/meta-openeuler/dynamic-layers/openembedded-layer/recipes-devtools/abseil-cpp/abseil-cpp_%.bbappend +++ b/meta-openeuler/dynamic-layers/openembedded-layer/recipes-devtools/abseil-cpp/abseil-cpp_%.bbappend @@ -5,6 +5,7 @@ SRC_URI = " \ file://abseil-cpp-20210324.2-sw.patch \ file://0001-add-loongarch-suopport-for-abseil-cpp.patch \ file://0002-PR-1644-unscaledcycleclock-remove-RISC-V-support.patch \ + file://backport-CVE-2025-0838.patch \ " EXTRA_OECMAKE += " \ diff --git a/meta-openeuler/recipes-core/audit/audit_%.bbappend b/meta-openeuler/recipes-core/audit/audit_%.bbappend index aea58596cfe50eea56ce5e209d6439a19d2f3d72..4d8f2628fd8de3dcac49206dbf814b7faed3fafd 100644 --- a/meta-openeuler/recipes-core/audit/audit_%.bbappend +++ b/meta-openeuler/recipes-core/audit/audit_%.bbappend @@ -52,6 +52,9 @@ SRC_URI += " \ file://backport-Fix-memory-leaks.patch \ file://backport-fix-one-more-leak.patch \ file://backport-Correct-output-when-displaying-rules-with-exe-path-d.patch \ + file://backport-ausearch-format-Fix-display-of-renamed-file-411.patch \ + file://backport-Fix-a-maybe-uninitialized-warning.patch \ + file://backport-ausearch-parse-fix-parsing-for-success-uid-in-parse_.patch \ " # we don't want audit python3 runtime tool diff --git a/meta-openeuler/recipes-core/coreutils/coreutils_%.bbappend b/meta-openeuler/recipes-core/coreutils/coreutils_%.bbappend index 54b187af4068cb3c442ef7031761c601093daaac..624c509d2bf91f53323603c4c4edf49c6ab9512d 100644 --- a/meta-openeuler/recipes-core/coreutils/coreutils_%.bbappend +++ b/meta-openeuler/recipes-core/coreutils/coreutils_%.bbappend @@ -48,6 +48,11 @@ SRC_URI:prepend = " \ file://backport-shuf-avoid-integer-overflow-on-huge-inputs.patch \ file://backport-shuf-fix-randomness-bug.patch \ file://backport-head-fix-overflows-in-elide_tail_bytes_pipe.patch \ + file://backport-numfmt-don-t-require-a-suffix-with-from-iec-i.patch \ + file://backport-sort-fix-debug-buffer-overrun.patch \ + file://backport-tac-avoid-out-of-bounds-access.patch \ + file://backport-yes-avoid-failure-on-CHERI-protected-systems.patch \ + file://backport-cat-fix-plain-cat-bug.patch \ file://coreutils-9.0-sw.patch \ " diff --git a/meta-openeuler/recipes-core/expat/expat_%.bbappend b/meta-openeuler/recipes-core/expat/expat_%.bbappend index 5bef40f8c426735a4a22c504ddf43d7f1c2bdb3a..9312493cf748d6a8e2ef263d7a6bcae69c1b67d2 100644 --- a/meta-openeuler/recipes-core/expat/expat_%.bbappend +++ b/meta-openeuler/recipes-core/expat/expat_%.bbappend @@ -34,4 +34,17 @@ SRC_URI = " \ file://backport-CVE-2024-45492.patch \ file://backport-CVE-2024-50602.patch \ file://backport-CVE-2024-50602-testcase.patch \ + file://backport-001-CVE-2024-8176.patch \ + file://backport-002-CVE-2024-8176.patch \ + file://backport-003-CVE-2024-8176.patch \ + file://backport-004-CVE-2024-8176.patch \ + file://backport-005-CVE-2024-8176.patch \ + file://backport-006-CVE-2024-8176.patch \ + file://backport-007-CVE-2024-8176.patch \ + file://backport-008-CVE-2024-8176.patch \ + file://backport-009-CVE-2024-8176.patch \ + file://backport-010-CVE-2024-8176.patch \ + file://backport-011-CVE-2024-8176.patch \ + file://backport-Stop-updating-m_eventPtr-on-exit-for-reentry.patch \ + file://backport-Make-parser-m_eventPtr-handling-clearer.patch \ " diff --git a/meta-openeuler/recipes-devtools/dnf/dnf_%.bbappend b/meta-openeuler/recipes-devtools/dnf/dnf_%.bbappend index 553dcf3cfd0ccf13cc95ad82ebb39530d8bc79fe..929824bdb94d4627502a4d06995b1cb6e48d20fd 100644 --- a/meta-openeuler/recipes-devtools/dnf/dnf_%.bbappend +++ b/meta-openeuler/recipes-devtools/dnf/dnf_%.bbappend @@ -22,6 +22,7 @@ SRC_URI:prepend = " \ file://backport-doc-Remove-provide-of-spec-definition-for-repoquery-command.patch \ file://backport-Update-the-man-page-entry-for-the-countme-option.patch \ file://backport-Allow-local-downloads-to-same-downloaddir.patch \ + file://bugfix-automatic-Use-add_security_filters-not-_update_secur.patch \ " # in oee, dnf is a prebuild-tool, so add the following patch when build nativesdk-dnf. diff --git a/meta-openeuler/recipes-devtools/elfutils/elfutils_%.bbappend b/meta-openeuler/recipes-devtools/elfutils/elfutils_%.bbappend index 4c3b2fc906809b0a39a1f29a221e60fa46ee4c19..f0387c1379ddd72912faae257dc2b3c43792c463 100644 --- a/meta-openeuler/recipes-devtools/elfutils/elfutils_%.bbappend +++ b/meta-openeuler/recipes-devtools/elfutils/elfutils_%.bbappend @@ -17,6 +17,14 @@ SRC_URI:append = " \ file://Fix-issue-of-moving-files-by-ar-or-br.patch \ file://CVE-2024-25260.patch \ file://Backport-fix-handling-of-corefiles-with-non-contiguous-segments.patch \ + file://add-sw_64-support.patch \ + file://backport-fix-riscv64-return-value-location-retrieval-implementation.patch \ + file://backport-CVE-2025-1352.patch \ + file://backport-CVE-2025-1365.patch \ + file://backport-CVE-2025-1371.patch \ + file://backport-CVE-2025-1372.patch \ + file://backport-CVE-2025-1376.patch \ + file://backport-CVE-2025-1377.patch \ " SRC_URI[sha256sum] = "e70b0dfbe610f90c4d1fe0d71af142a4e25c3c4ef9ebab8d2d72b65159d454c8" diff --git a/meta-openeuler/recipes-extended/bash/bash_%.bbappend b/meta-openeuler/recipes-extended/bash/bash_%.bbappend index eb4cb181cd40784694caca8c3d788f37688e8bc9..9c7ae5d30850606b43a38b45332db60f6cd2042f 100644 --- a/meta-openeuler/recipes-extended/bash/bash_%.bbappend +++ b/meta-openeuler/recipes-extended/bash/bash_%.bbappend @@ -37,6 +37,8 @@ SRC_URI:prepend = " \ file://backport-fix-for-cd-when-curent-directory-doesn-t-exist-fix-w.patch \ file://only-scripts-verified-by-execveat-are-allowed-to-run.patch \ file://Fix-for-a-crash-if-one-of-the-expressions-in-an-arit.patch \ + file://backport-posix-change-for-undoing-redirections-after-failed-e.patch \ + file://backport-fix-issue-with-failed-history-expansion-changing-the.patch \ " SRC_URI[tarball.sha256sum] = "13720965b5f4fc3a0d4b61dd37e7565c741da9a5be24edc2ae00182fc1b3588c" diff --git a/meta-openeuler/recipes-extended/ethtool/ethtool_%.bbappend b/meta-openeuler/recipes-extended/ethtool/ethtool_%.bbappend index 5949fe389c549e5fbd2f1617072b28e7b217128d..f8b6ec57c640e7e662a1b986bd43b01ebe365bb3 100644 --- a/meta-openeuler/recipes-extended/ethtool/ethtool_%.bbappend +++ b/meta-openeuler/recipes-extended/ethtool/ethtool_%.bbappend @@ -8,6 +8,7 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/files/:" SRC_URI:prepend = "file://${BP}.tar.xz \ file://netlink-fix-typo.patch \ file://ethtool-add-suppport-specifications-for-vxlan-by-eth.patch \ + file://backport-ethtool-add-support-dump-registers-for-hibmcge-drive.patch \ " SRC_URI[sha256sum] = "5eaa083e8108e1dd3876b2c803a1942a2763942715b7f6eb916e189adbb44972" diff --git a/meta-openeuler/recipes-graphics/harfbuzz/harfbuzz_%.bbappend b/meta-openeuler/recipes-graphics/harfbuzz/harfbuzz_%.bbappend index f28dc7e66656f18c1e0dc6e3ba343771df311b93..0f7fea0f0a47c2b3f8255d79a18c1d48613bd7aa 100644 --- a/meta-openeuler/recipes-graphics/harfbuzz/harfbuzz_%.bbappend +++ b/meta-openeuler/recipes-graphics/harfbuzz/harfbuzz_%.bbappend @@ -7,5 +7,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b98429b8e8e3c2a67cfef01e99e4893d \ SRC_URI = "file://${BP}.tar.xz \ " +SRC_URI:append = " \ + file://backport-CVE-2024-56732.patch \ +" SRC_URI[sha256sum] = "1d1010a1751d076d5291e433c138502a794d679a7498d1268ee21e2d4a140eb4" diff --git a/meta-openeuler/recipes-kernel/blktrace/blktrace_%.bbappend b/meta-openeuler/recipes-kernel/blktrace/blktrace_%.bbappend index 44a2244cd7d3b95f4e3bbac31c87ae787394248e..56ce5be2bb52f3d21ace2dacb3e9ef435261102c 100644 --- a/meta-openeuler/recipes-kernel/blktrace/blktrace_%.bbappend +++ b/meta-openeuler/recipes-kernel/blktrace/blktrace_%.bbappend @@ -11,6 +11,7 @@ SRC_URI:prepend = " \ file://0004-blkparse-skip-check_cpu_map-with-pipe-input.patch \ file://0005-blkparse-fix-incorrectly-sized-memset-in-check_cpu_m.patch \ file://0006-fix-hang-when-BLKTRACESETUP-fails-and-o-is-used.patch \ + file://0007-blkparse-Fix-a-potential-coredump-issue.patch \ " S = "${WORKDIR}/${BP}" diff --git a/meta-openeuler/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_%.bbappend b/meta-openeuler/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_%.bbappend index a7714bdd615176760f5b15a393d749e88f13d31d..6943182e89e85e12f28f1c44ec7bbc3d7623bca4 100644 --- a/meta-openeuler/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_%.bbappend +++ b/meta-openeuler/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_%.bbappend @@ -18,6 +18,13 @@ SRC_URI:append = " \ file://CVE-2023-44446.patch \ file://CVE-2023-37329.patch \ file://0001-meson-build-gir-even-when-cross-compiling-if-introsp.patch \ + file://backport-CVE-2024-47538.patch \ + file://backport-CVE-2024-47541.patch \ + file://backport-CVE-2024-47542.patch \ + file://backport-CVE-2024-47600.patch \ + file://backport-CVE-2024-47607.patch \ + file://backport-CVE-2024-47615.patch \ + file://backport-CVE-2024-47835.patch \ " # unsupport for 1.16.2 diff --git a/meta-openeuler/recipes-multimedia/gstreamer/gstreamer1.0_%.bbappend b/meta-openeuler/recipes-multimedia/gstreamer/gstreamer1.0_%.bbappend index 99859e911b9687a22922526cd976dfb67c6aa919..987588d585536e4be997ffde5224c5d808460c2c 100644 --- a/meta-openeuler/recipes-multimedia/gstreamer/gstreamer1.0_%.bbappend +++ b/meta-openeuler/recipes-multimedia/gstreamer/gstreamer1.0_%.bbappend @@ -9,4 +9,5 @@ SRC_URI:prepend = " \ # patches from openEuler SRC_URI:append = " \ file://gstreamer-inspect-rpm-format.patch \ + file://add-sw64-support.patch \ " diff --git a/meta-openeuler/recipes-support/gnupg/gnupg_%.bbappend b/meta-openeuler/recipes-support/gnupg/gnupg_%.bbappend index c171da82b7e15da456c12979f0303535f6e63408..e246f035f56a4b6450f727eab2b8e19d10af51a7 100644 --- a/meta-openeuler/recipes-support/gnupg/gnupg_%.bbappend +++ b/meta-openeuler/recipes-support/gnupg/gnupg_%.bbappend @@ -16,4 +16,4 @@ SRC_URI:append = " \ file://backport-dirmngr-Enable-the-call-of-ks_ldap_help_variables-wh.patch \ file://backport-gpg-Make-no-literal-work-again-for-c-and-store.patch \ file://backport-gpg-Fix-minor-memory-leak-during-certain-smartcard-o.patch \ - " + " diff --git a/meta-openeuler/recipes-support/gnutls/gnutls_%.bbappend b/meta-openeuler/recipes-support/gnutls/gnutls_%.bbappend index 671586e97975f2f7086c17acb3532cb7ee3ba8a3..e5fd49a5c2208df03e9b1c3f89c57f080f85055d 100644 --- a/meta-openeuler/recipes-support/gnutls/gnutls_%.bbappend +++ b/meta-openeuler/recipes-support/gnutls/gnutls_%.bbappend @@ -29,6 +29,7 @@ SRC_URI:append = " \ file://backport-CVE-2024-0567-x509-detect-loop-in-certificate-chain.patch \ file://backport-fix-CVE-2024-28834-nettle-avoid-normalization-of-mpz_t-in-deterministic.patch \ file://backport-fix-CVE-2024-28835-gnutls_x509_trust_list_verify_crt2-remove-length-lim.patch \ + file://backport-CVE-2024-12243-x509-optimize-name-constraints-processing.patch \ " EXTRA_OECONF:remove = "--disable-libdane \